From 8045b54124f0365b3d34d9d3220256f052f2b76b Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 19 May 2000 18:41:26 +0000 Subject: [PATCH] Use getpassphrase() instead of getpass() if available. --- clients/tools/ldapdelete.c | 2 +- clients/tools/ldapmodify.c | 2 +- clients/tools/ldapmodrdn.c | 2 +- clients/tools/ldappasswd.c | 10 +++++----- clients/tools/ldapsearch.c | 2 +- clients/ud/auth.c | 6 +++--- configure | 25 +++++++++++++------------ configure.in | 1 + include/ac/unistd.h | 13 ++++++++++--- include/portable.h.in | 3 +++ libraries/liblutil/getpass.c | 13 +++++++++---- 11 files changed, 48 insertions(+), 31 deletions(-) diff --git a/clients/tools/ldapdelete.c b/clients/tools/ldapdelete.c index 5a69de52a8..6e06b769e3 100644 --- a/clients/tools/ldapdelete.c +++ b/clients/tools/ldapdelete.c @@ -318,7 +318,7 @@ main( int argc, char **argv ) } if (want_bindpw) - passwd.bv_val = getpass("Enter LDAP Password: "); + passwd.bv_val = getpassphrase("Enter LDAP Password: "); passwd.bv_len = strlen( passwd.bv_val ); if ( authmethod == LDAP_AUTH_SASL ) { diff --git a/clients/tools/ldapmodify.c b/clients/tools/ldapmodify.c index ea00cb33fd..d2b453cd1e 100644 --- a/clients/tools/ldapmodify.c +++ b/clients/tools/ldapmodify.c @@ -382,7 +382,7 @@ main( int argc, char **argv ) } if (want_bindpw) - passwd.bv_val = getpass("Enter LDAP Password: "); + passwd.bv_val = getpassphrase("Enter LDAP Password: "); passwd.bv_len = strlen( passwd.bv_val ); if ( authmethod == LDAP_AUTH_SASL ) { diff --git a/clients/tools/ldapmodrdn.c b/clients/tools/ldapmodrdn.c index 5b7a403621..3aa05b10f0 100644 --- a/clients/tools/ldapmodrdn.c +++ b/clients/tools/ldapmodrdn.c @@ -365,7 +365,7 @@ main(int argc, char **argv) } if (want_bindpw) - passwd.bv_val = getpass("Enter LDAP Password: "); + passwd.bv_val = getpassphrase("Enter LDAP Password: "); passwd.bv_len = strlen( passwd.bv_val ); if ( authmethod == LDAP_AUTH_SASL ) { diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c index aa81513dd9..18b19c2d61 100644 --- a/clients/tools/ldappasswd.c +++ b/clients/tools/ldappasswd.c @@ -246,8 +246,8 @@ main( int argc, char *argv[] ) if( want_oldpw && oldpw == NULL ) { /* prompt for old password */ char *ckoldpw; - newpw = strdup(getpass("Old password: ")); - ckoldpw = getpass("Re-enter old password: "); + newpw = strdup(getpassphrase("Old password: ")); + ckoldpw = getpassphrase("Re-enter old password: "); if( strncmp( oldpw, ckoldpw, strlen(oldpw) )) { fprintf( stderr, "passwords do not match\n" ); @@ -258,8 +258,8 @@ main( int argc, char *argv[] ) if( want_newpw && newpw == NULL ) { /* prompt for new password */ char *cknewpw; - newpw = strdup(getpass("New password: ")); - cknewpw = getpass("Re-enter new password: "); + newpw = strdup(getpassphrase("New password: ")); + cknewpw = getpassphrase("Re-enter new password: "); if( strncmp( newpw, cknewpw, strlen(newpw) )) { fprintf( stderr, "passwords do not match\n" ); @@ -280,7 +280,7 @@ main( int argc, char *argv[] ) if (want_bindpw && passwd.bv_val == NULL ) { /* handle bind password */ fprintf( stderr, "Bind DN: %s\n", binddn ); - passwd.bv_val = strdup( getpass("Enter bind password: ")); + passwd.bv_val = strdup( getpassphrase("Enter bind password: ")); passwd.bv_len = strlen( passwd.bv_val ); } diff --git a/clients/tools/ldapsearch.c b/clients/tools/ldapsearch.c index 096568345c..da68310741 100644 --- a/clients/tools/ldapsearch.c +++ b/clients/tools/ldapsearch.c @@ -521,7 +521,7 @@ main( int argc, char **argv ) } if (want_bindpw) { - passwd.bv_val = getpass("Enter LDAP Password: "); + passwd.bv_val = getpassphrase("Enter LDAP Password: "); passwd.bv_len = strlen( passwd.bv_val ); } diff --git a/clients/ud/auth.c b/clients/ud/auth.c index 37eb8ccb78..5ae44ef154 100644 --- a/clients/ud/auth.c +++ b/clients/ud/auth.c @@ -50,7 +50,7 @@ int auth( char *who, int implicit ) { int rc; /* return code from ldap_bind() */ - char *passwd = NULL; /* returned by getpass() */ + char *passwd = NULL; /* returned by getpassphrase() */ char **rdns; /* for fiddling with the DN */ int authmethod; int name_provided; /* was a name passed in? */ @@ -241,7 +241,7 @@ auth( char *who, int implicit ) authmethod = LDAP_AUTH_SIMPLE; sprintf(prompt, " Enter your LDAP password: "); do { - passwd = getpass(prompt); + passwd = getpassphrase(prompt); } while (passwd != NULL && *passwd == '\0'); if (passwd == NULL) { (void) ldap_value_free(rdns); @@ -352,7 +352,7 @@ krbgetpass( char *user, char *inst, char *realm, char *pw, C_Block key ) sprintf(prompt, " Enter Kerberos password for %s: ", kauth_name ); #endif do { - passwd = getpass(prompt); + passwd = getpassphrase(prompt); } while (passwd != NULL && *passwd == '\0'); if (passwd == NULL) { return(-1); diff --git a/configure b/configure index d069b79619..83366dc771 100755 --- a/configure +++ b/configure @@ -15539,6 +15539,7 @@ for ac_func in \ getgrgid \ gethostname \ getpass \ + getpassphrase \ getpwuid \ getpwnam \ getspnam \ @@ -15580,12 +15581,12 @@ for ac_func in \ do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:15584: checking for $ac_func" >&5 +echo "configure:15585: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15614: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -15637,12 +15638,12 @@ done for ac_func in getopt tempnam do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:15641: checking for $ac_func" >&5 +echo "configure:15642: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15671: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -15703,13 +15704,13 @@ fi # Check Configuration echo $ac_n "checking declaration of sys_errlist""... $ac_c" 1>&6 -echo "configure:15707: checking declaration of sys_errlist" >&5 +echo "configure:15708: checking declaration of sys_errlist" >&5 if eval "test \"\${ol_cv_dcl_sys_errlist+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -15722,7 +15723,7 @@ int main() { char *c = (char *) *sys_errlist ; return 0; } EOF -if { (eval echo configure:15726: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:15727: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_dcl_sys_errlist=yes ol_cv_have_sys_errlist=yes @@ -15745,20 +15746,20 @@ EOF echo $ac_n "checking existence of sys_errlist""... $ac_c" 1>&6 -echo "configure:15749: checking existence of sys_errlist" >&5 +echo "configure:15750: checking existence of sys_errlist" >&5 if eval "test \"\${ol_cv_have_sys_errlist+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { char *c = (char *) *sys_errlist ; return 0; } EOF -if { (eval echo configure:15762: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:15763: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_have_sys_errlist=yes else diff --git a/configure.in b/configure.in index aba593f2ca..d39b36b3d8 100644 --- a/configure.in +++ b/configure.in @@ -2138,6 +2138,7 @@ AC_CHECK_FUNCS( \ getgrgid \ gethostname \ getpass \ + getpassphrase \ getpwuid \ getpwnam \ getspnam \ diff --git a/include/ac/unistd.h b/include/ac/unistd.h index 7f7476a55d..b7710dcd75 100644 --- a/include/ac/unistd.h +++ b/include/ac/unistd.h @@ -27,10 +27,17 @@ /* note: callers of crypt(3) should include */ -#ifndef HAVE_GETPASS -LIBLUTIL_F(char*)(getpass) LDAP_P((const char *getpass)); -#else +#if defined(HAVE_GETPASSPHRASE) +LIBC_F(char*)(getpassphrase)(); + +#elif defined(HAVE_GETPASS) +#define getpassphrase(p) getpass(p) LIBC_F(char*)(getpass)(); + +#else +#define NEED_GETPASSPHRASE 1 +#define getpassphrase(p) lutil_getpass(p) +LIBLUTIL_F(char*)(lutil_getpass) LDAP_P((const char *getpass)); #endif /* getopt() defines may be in separate include file */ diff --git a/include/portable.h.in b/include/portable.h.in index 0de51380f6..27d5effca1 100644 --- a/include/portable.h.in +++ b/include/portable.h.in @@ -166,6 +166,9 @@ /* Define if you have the getpass function. */ #undef HAVE_GETPASS +/* Define if you have the getpassphrase function. */ +#undef HAVE_GETPASSPHRASE + /* Define if you have the getpwnam function. */ #undef HAVE_GETPWNAM diff --git a/libraries/liblutil/getpass.c b/libraries/liblutil/getpass.c index ca8dee6c7e..7da409108e 100644 --- a/libraries/liblutil/getpass.c +++ b/libraries/liblutil/getpass.c @@ -17,8 +17,6 @@ #include "portable.h" -#ifndef HAVE_GETPASS - #include #include @@ -30,6 +28,8 @@ #include #include +#ifdef NEED_GETPASSPHRASE + #ifdef HAVE_FCNTL_H #include #endif @@ -44,16 +44,19 @@ #include "ldap_defaults.h" char * -getpass( const char *prompt ) +lutil_getpass( const char *prompt ) { #if !defined(HAVE_POSIX_TERMIOS) && !defined(HAVE_SGTTY_H) static char buf[256]; int i, c; + if( prompt == NULL ) prompt = "Password: "; + #ifdef DEBUG if (debug & D_TRACE) printf("->getpass(%s)\n", prompt); #endif + printf("%s", prompt); i = 0; while ( (c = getch()) != EOF && c != '\n' && c != '\r' ) @@ -73,6 +76,8 @@ getpass( const char *prompt ) FILE *fi; RETSIGTYPE (*sig)( int sig ); + if( prompt == NULL ) prompt = "Password: "; + #ifdef DEBUG if (debug & D_TRACE) printf("->getpass(%s)\n", prompt); @@ -155,4 +160,4 @@ getpass( const char *prompt ) #endif } -#endif /* !HAVE_GETPASS */ +#endif /* !NEED_GETPASSPHRASE */ -- 2.39.5